If you're running an Open-AudIT server on Linux, this doesn't affect you.
For Open-AudIT 5.0.0 and newer, when running Open-AudIT on Windows the Apache service account must be that of a 'regular' user (or the Administrator). This is because the "Local System" account normally used to run Apache has no access to any "network" resources. IE - We cannot use Apache when running as the Local System account account to copy the audit script to Windows PCs.
To make the change, just follow the steps below.
Select the Start menu and type "services". Click the Services icon.
Next, right click the Apache2.4 service and select Properties, then click the Log On tab.
Select the "This Account" checkbox and provide the account name and password.
Next, click OK, then right click the Apache 2.4 service and click Restart. Done.
The below is deprecated as at the 5.0.0 release and only applies to earlier versions.
This relates to using our default network address as http://127.0.0.1/open-audit/ and auditing Windows computers using a script from a Windows Open-AudIT server.
...
This is because the "Local System" account used to run Apache has no access to any "network" resources. IE - We cannot use Apache when running as trhis this account to copy the audit script to Windows PCs.
...
The best fix for this case is not to implement this configuration change, rather change the account that Apache runs as to a regular user account. This user needs no special domain or local privelegesprivileges. It just needs to be a "normal" local user. A normal user does have access to network resources and will work as intended.
Also ensure Nmap is installed for "all users". Nmap must be in the path of your Apache service accounts user. You can check this by logging on as the account specified to be the Apache Service account and running the below on the command line. You should see the Nmap install directory listed there. You should also be able to run "nmap --version" as that user without specifiying the complete path to the Nmap executable.
| Code Block |
|---|
echo %PATH% |
The change is simple to make, just follow the steps below.
...